head	1.2;
access;
symbols
	pkgsrc-2013Q2:1.2.0.40
	pkgsrc-2013Q2-base:1.2
	pkgsrc-2012Q4:1.2.0.38
	pkgsrc-2012Q4-base:1.2
	pkgsrc-2011Q4:1.2.0.36
	pkgsrc-2011Q4-base:1.2
	pkgsrc-2011Q2:1.2.0.34
	pkgsrc-2011Q2-base:1.2
	pkgsrc-2009Q4:1.2.0.32
	pkgsrc-2009Q4-base:1.2
	pkgsrc-2008Q4:1.2.0.30
	pkgsrc-2008Q4-base:1.2
	pkgsrc-2008Q3:1.2.0.28
	pkgsrc-2008Q3-base:1.2
	cube-native-xorg:1.2.0.26
	cube-native-xorg-base:1.2
	pkgsrc-2008Q2:1.2.0.24
	pkgsrc-2008Q2-base:1.2
	pkgsrc-2008Q1:1.2.0.22
	pkgsrc-2008Q1-base:1.2
	pkgsrc-2007Q4:1.2.0.20
	pkgsrc-2007Q4-base:1.2
	pkgsrc-2007Q3:1.2.0.18
	pkgsrc-2007Q3-base:1.2
	pkgsrc-2007Q2:1.2.0.16
	pkgsrc-2007Q2-base:1.2
	pkgsrc-2007Q1:1.2.0.14
	pkgsrc-2007Q1-base:1.2
	pkgsrc-2006Q4:1.2.0.12
	pkgsrc-2006Q4-base:1.2
	pkgsrc-2006Q3:1.2.0.10
	pkgsrc-2006Q3-base:1.2
	pkgsrc-2006Q2:1.2.0.8
	pkgsrc-2006Q2-base:1.2
	pkgsrc-2006Q1:1.2.0.6
	pkgsrc-2006Q1-base:1.2
	pkgsrc-2005Q4:1.2.0.4
	pkgsrc-2005Q4-base:1.2
	pkgsrc-2005Q3:1.2.0.2
	pkgsrc-2005Q3-base:1.2
	pkgsrc-2005Q2:1.1.0.2;
locks; strict;
comment	@# @;


1.2
date	2005.09.07.15.19.08;	author adam;	state dead;
branches;
next	1.1;

1.1
date	2005.08.12.12.27.30;	author salo;	state Exp;
branches
	1.1.2.1;
next	;

1.1.2.1
date	2005.08.12.12.27.30;	author snj;	state dead;
branches;
next	1.1.2.2;

1.1.2.2
date	2005.08.13.05.27.41;	author snj;	state Exp;
branches;
next	;


desc
@@


1.2
log
@Changes 3.01:
------------------
Added the continuous view mode, including the '-cont' switch and the
  'continuousView' config file option.
At high zoom levels, don't rasterize the entire page - this avoids
  problems running out of memory.
Added "search backward" and "match case" options to the find dialog.
Support explicitly masked images and soft masked images.
Add support to DCTStream for 16-bit quant tables.
Don't segfault if the user clicks on an outline entry with a broken
  destination.
Changed the makefiles and configure script to skip building pdftoppm
  (in addition to xpdf) if X, Motif, or FreeType is not found; changed
  the error message in the configure script to match.
Move an inline function in JArithmeticDecoder.cc to avoid compiler
  errors.
Fixed a bug in the rasterizer that was sometimes causing infinite
  loops with round line caps on vertical lines.
Various rasterizer optimizations.
Look for intermediate resize events - try to avoid lagging when the
  user is doing an opaque resize.
The FormType key in Form XObjects is optional.
Handle external 16-bit TrueType fonts correctly, using the Unicode
  cmap.
Add class declarations to TextOutputDev.h to work with stricter C++
  compilers.
More...
@
text
@$NetBSD: patch-as,v 1.1 2005/08/12 12:27:30 salo Exp $

Fix for CAN-2005-2097, from Ubuntu and RedHat.

--- xpdf/SplashOutputDev.cc.orig	2004-01-22 02:26:45.000000000 +0100
+++ xpdf/SplashOutputDev.cc	2005-08-12 13:54:26.000000000 +0200
@@@@ -621,16 +621,19 @@@@
       }
       break;
     case fontTrueType:
-      if (!(ff = FoFiTrueType::load(fileName->getCString()))) {
-	goto err2;
-      }
+      if ((ff = FoFiTrueType::load(fileName->getCString()))) {
       codeToGID = ((Gfx8BitFont *)gfxFont)->getCodeToGIDMap(ff);
+	n = 256;
       delete ff;
+      } else {
+	codeToGID = NULL;
+	n = 0;
+      }
       if (!(fontFile = fontEngine->loadTrueTypeFont(
 			   id,
 			   fileName->getCString(),
 			   fileName == tmpFileName,
-			   codeToGID, 256))) {
+			   codeToGID, n))) {
 	error(-1, "Couldn't create a font for '%s'",
 	      gfxFont->getName() ? gfxFont->getName()->getCString()
 	                         : "(unnamed)");
@


1.1
log
@Security fix for CAN-2005-2097.

"A vulnerability has been reported in Xpdf, which can be exploited by
malicious people to cause a DoS (Denial of Service) on a vulnerable system."

http://secunia.com/advisories/16374/

Patches from Ubuntu and RedHat.
@
text
@d1 1
a1 1
$NetBSD$
@


1.1.2.1
log
@file patch-as was added on branch pkgsrc-2005Q2 on 2005-08-12 12:27:30 +0000
@
text
@d1 30
@


1.1.2.2
log
@Pullup ticket 676 - requested by Lubomir Sedlacik
security fix for xpdf

Revisions pulled up:
- pkgsrc/print/xpdf/Makefile		1.38
- pkgsrc/print/xpdf/distinfo		1.20
- pkgsrc/print/xpdf/patches/patch-ar	1.1
- pkgsrc/print/xpdf/patches/patch-as	1.1

   Module Name:    pkgsrc
   Committed By:   salo
   Date:           Fri Aug 12 12:27:30 UTC 2005

   Modified Files:
           pkgsrc/print/xpdf: Makefile distinfo
   Added Files:
           pkgsrc/print/xpdf/patches: patch-ar patch-as

   Log Message:
   Security fix for CAN-2005-2097.

   "A vulnerability has been reported in Xpdf, which can be exploited by
   malicious people to cause a DoS (Denial of Service) on a vulnerable system."

   http://secunia.com/advisories/16374/

   Patches from Ubuntu and RedHat.
@
text
@a0 30
$NetBSD: patch-as,v 1.1.2.1 2005/08/13 05:27:41 snj Exp $

Fix for CAN-2005-2097, from Ubuntu and RedHat.

--- xpdf/SplashOutputDev.cc.orig	2004-01-22 02:26:45.000000000 +0100
+++ xpdf/SplashOutputDev.cc	2005-08-12 13:54:26.000000000 +0200
@@@@ -621,16 +621,19 @@@@
       }
       break;
     case fontTrueType:
-      if (!(ff = FoFiTrueType::load(fileName->getCString()))) {
-	goto err2;
-      }
+      if ((ff = FoFiTrueType::load(fileName->getCString()))) {
       codeToGID = ((Gfx8BitFont *)gfxFont)->getCodeToGIDMap(ff);
+	n = 256;
       delete ff;
+      } else {
+	codeToGID = NULL;
+	n = 0;
+      }
       if (!(fontFile = fontEngine->loadTrueTypeFont(
 			   id,
 			   fileName->getCString(),
 			   fileName == tmpFileName,
-			   codeToGID, 256))) {
+			   codeToGID, n))) {
 	error(-1, "Couldn't create a font for '%s'",
 	      gfxFont->getName() ? gfxFont->getName()->getCString()
 	                         : "(unnamed)");
@